Steady State for Windows

Customize and simplify user experience by configuring Windows computers and prevent unauthorized changes with SteadyState software

What is Windows SteadyState?

Windows SteadyState is a free tool offered by Microsoft that helps administrators to set up, configure and manage shared Windows computers. It is developed as an additional system security tool for the 32-bit versions of Windows Vista and Windows XP. Exclusively designed for use on Workstations with multiple users, as found in libraries and schools, Windows SteadyState offers enhanced shared computer management options to Windows administrators. These include the ability to customize and simplify user experience by configuring Windows computers, and prevent unauthorized changes through advanced user management and hard drive protection.

Windows SteadyState was first released by Microsoft as Shared Computer Toolkit (SCT) in 2005. It was offered as a free download for the effective management of shared computing environments. In June 2007, this toolkit was renamed as Windows SteadyState, which offered more ease of use and increased flexibility to system administrators to configure and manage shared computers.

Windows Steady State

How Windows SteadyState Works?

Windows SteadyState functions by transferring all the accesses into a temporary file when the system is being used. With a logout or reboot, Steady State facilitates the removal of such files, thus ensuring that the system is restored its original state. Thus, Windows SteadyState increases the availability and reliability of shared computers, that helps administrators provide a more consistent experience to each system user. Additionally, in SteadyState-managed Windows workstations, administrators can restrict users’ ability to change system settings, which provides enhanced system security and performance in the long-run.

Windows Steady State

Features of Windows SteadyState Software

Windows SteadyState helps protect shared computers from erroneous changes made by users, reverts unwanted software installations, and safeguards the system resources. It provides the following features for shared computer management:

SteadyState Software
SteadyState Software

Windows Disk Protection:

When enabled, Windows Disk Protection (WDP) redirects all changes performed over the system partition into a temporary cache on the same partition. This allows IT administrators to undo such changes made in the system by users upon reboot. WDP can also roll back the system to its initial deployed state after a scheduled interval, or upon administrator’s request. WDP offers three modes of protection as given below, and requires a reboot to switch among these modes:

  • Discard Mode: When this mode is activated, the cache is cleared upon reboot. This means every time the system is restarted, all changes will be discarded, and the system will be reverted to a previously stored state.
  • Persist Mode: When this mode is enabled, the changes saved to a temporary cache remains intact across reboots. However, an administrator can set a particular date and time when the changes will be discarded.
  • Commit Mode: When WDP is in the Commit mode, the cache content is written out to disk and saved permanently. Additionally, new changes will no longer be redirected to cache.
Steady State Software Setting

User Restriction and Settings

This feature of the Windows SteadyState allows administrators to block access of users to Windows settings and items on the Start menu, and prepare user environments as per requirement. Administrators can lock user accounts to ensure all changes made by the users are not permanent. Locked accounts create temporary copies of the user profiles during their sessions. However, these temporary profiles are removed when the users log off from the system. In addition, Administrators can also limit access of individual users to certain Windows programs to ensure additional security. A list of such programs can be found on desktop and in Windows Program Files directory. If required, administrators can also manually add programs from other locations for this purpose.

Steady State Software Setting
SteadyState Computer Restore
SteadyState Computer Restore

Computer Restrictions

This SteadyState feature helps administrators control privacy and security settings and perform system-wide changes, if necessary. For example, depending on the requirement, they can delete shutdown dialog box from the login screen, hide the built-in Administrator account from view, and disable the welcome screen. SteadyState also helps administrators prevent users from making certain changes in the system that might affect the health of the system, or might be undesirable for that computing environment. For example, users can be prevented from opening office documents from Internet Explorer, or creating folders on C Drive.

Windows Restore with SteadyState

User Account Manager

This component of Windows SteadyState software allows administrators to create and remove user accounts as per requirements. With User Account Manager, administrators can also create user accounts on alternative drives which ensures the retention of user data and setting when the WDP is enabled. In addition, User Account Manager also helps administrators save time and system resources by letting them import and export user settings from one Windows computer to another.

Windows Restore with SteadyState
SteadyState Software Updates
SteadyState Software Updates

Scheduling of Software Updates

With this SteadyState feature, administrators can install latest software updates and patches at a convenient time. If Steadystate is in its default mode, it will delete any Windows update or patches installed on the system upon reboot. However, Windows SteadyState can be configured to apply recent updates in a manner that those will not be removed upon reboot.

Discontinuation of Windows SteadyState Software

Microsoft supported Windows SteadyState till 30th June 2010, and declared that it would be phased out with effect from 31st December 2010. This freeware was eventually discontinued by Microsoft after the release of Windows 7 and is no longer available for downloading. The company claimed that it is possible to manage and configure shared computers with multiple native features available in Windows 7, which made the usage of Windows SteadyState redundant. After the discontinuation of Windows SteadyState, the Microsoft published “Creating A SteadyState by Using Microsoft Technologies” in the TechNet Library. It offers various on-board tools and technologies, such as Group Policy Settings, AppLocker and Microsoft Deployment Toolkit (MDT), with which multiple features of Windows SteadyState can be replicated on 64-bit versions of Windows including Windows 7 and 8. For example, Group Policy Settings can be configured to restrict users from changing them. MDT helps in re-imaging shared Windows computers so as to restore them to their original states. However, these tools were never introduced as a complete Microsoft SteadyState replacement.

Windows SteadyState Alternative

The Requirement of A Windows SteadyState Alternative

With Windows SteadyState out of action, various organisations, that relied on Windows SteadyState for workstation protection and management and were planning to upgrade to Windows 7, are no longer covered. This has created a security gap, prompting Windows administrators to look for comparable solutions to fill the void. There has been a persistent demand for a Windows SteadyState alternative among administrators, which will play an instrumental role in shared computer management, and will provide faster and more effective workstation recovery solutions in the event of sudden system failure/slowdown. In addition, public access computers running Windows OS are also susceptible to sudden configuration drifts due to changes by users, software errors and external threats, such as malware and virus, which require proactive system management for quick disaster recovery and business continuity. This has made the need for a Windows system restore software more pressing.

Windows SteadyState Alternative
Deep Freeze - Alternative to SteadyState
Deep Freeze - Alternative to SteadyState

Deep Freeze Reboot to Restore

Deep Freeze is one of the core products offered by Faronics Corporation that uses patented Reboot to Restore technology for Windows and Mac system recovery. Deep Freeze preserves the system configuration as set by the Windows administrators, and restores the computer to that pre-defined state with each reboot. Deep Freeze employs a simple Reboot to Restore functionality – it transfers data being accessed to an allocation table and keeps the original data intact. When the Windows computer is restarted, it does not refer to the data on the allocation table, and takes back the system to its original pristine state.

With Deep Freeze deployed on the Windows networked systems, users can perform any changes they want on the system. Users can modify core system files and download any software during their individual sessions. However, with each reboot, all such changes are reverted and system is taken back to its originally configured ‘frozen’ state, which helps each new user to work with a standard configuration. This simple system restore solution improves system performance, and helps end-users to manage IT-related issues independently with minimal tech support. By instantly restoring the Windows systems into a desired and functional state upon reboot, Deep Freeze eliminates the need of troubleshooting or constantly performing re-imaging on machines. As a result, customers after using Deep Freeze have reported 63% reduction in IT service tickets. Deep Freeze makes use of very few system resources and offers instant results, which makes it appropriate for diverse computing environments with multiple users.

Deep Freeze has often been considered as Windows SteadyState alternative by users and administrators that provides improved and more effective solutions for shared computer management. Unlike Windows SteadyState, Deep Freeze is compatible with all the latest Windows editions including Windows 7, Windows 8 and 8.1, and Windows 10. If any Windows system is found to be in a damaged state, users just need to restart their computer once for instant recovery instead of running multiple reboots. In addition, it provides administrators with a single console by which selected/all workstations, that have Deep Freeze installed in them, can be centrally managed. Administrators can automate scheduled Windows updates through the console, which eliminates the need of performing it manually over all on-field computers. Deep Freeze can also be integrated with third-party Desktop Management tools like Symantec Altiris, Microsoft SCCM, Spiceworks and Dell KACE. Deep Freeze’s Reboot to Restore features are also available on cloud-based platform through Deep Freeze Cloud. Administrators already using Deep Freeze Enterprise for on-premise system management can choose Deep Freeze Cloud Connector to get a web-based management console, which helps them update and manage those systems from remote locations.

Reboot to Restore technology mitigates unwarranted configuration changes and resolves IT issues with a simple yet effective reboot.